你能告诉我是否可以将nginx中的所有头从upstream/auth_gateway重定向到/connection吗。我的请求和nginx配置
curl -silent -include -X 'GET' -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJZa0hadkt5YUJuNU9oaVF6d3kxWXduNFBHYm5RSDV0aDh1ZkhOWHZiTVdrIn0' -H 'x-realy-company: google' -H 'x-realy-request-id: 12545787' https://mycooldomain.org/connection/
将在授权服务/auth_gateway上添加新的标头,例如x-realy-privileges、x-realy-user和其他标头。
location ~* ^/connection/ {
if ($http_authorization !~ "^Bearer .{20,}"){
return 403 "Not authorized";
}
auth_request /auth_gateway;
auth_request_set $auth_status $upstream_status;
proxy_pass http://10.xx.xx.xx:8080;
}
location = /auth_gateway {
proxy_pass http://10.xx.xx.xx:8081/authorize;
proxy_set_header X-Original-URI $request_uri;
}
x-realy-user: da82fe4b-d0ef-477e-a3d1-facc78b605c7
x-realy-privileges: 1,2,3,4,5,6,7,8,9,10
x-realy-global-roles: ROLE_OPERATOR
x-realy-okt-id: da82fe4b-d0ef-477e-a3d1
这些标头是从承载授权令牌中提取的,我想将它们重定向到/connection
感谢并提前!
好吧,我是通过lua模块完成的。我希望这对将来的某个人有所帮助。
此处为完整代码
location ~* ^/connection/ {
if ($http_authorization !~ "^Bearer .{20,}"){
return 403 "Not authorized";
}
auth_request /auth_gateway;
auth_request_set $auth_status $upstream_status;
rewrite_by_lua_block {
local res1 = ngx.location.capture("/auth_gateway", {method=ngx.HTTP_GET, args=args})
local concat = table.concat
for name, value in pairs(res1.header) do
if type(value) == "table" then
ngx.req.set_header(name, concat(value, ", "))
else
ngx.req.set_header(name, value)
end
end
}
proxy_pass http://10.xx.xx.xx:8080;
}
location = /auth_gateway {
proxy_pass http://10.xx.xx.xx:8081/authorize;
proxy_set_header X-Original-URI $request_uri;
}